Mirror/picodav
1
0
Fork 0
mirror of https://github.com/kd2org/picodav.git synced 2024-11-16 08:38:27 +01:00
Code Issues Projects Releases Packages Wiki Activity

Rename JS and CSS files

Browse source 
FossilOrigin-Name: 94a7e24f922673576a34891702a0eb080b3cc17df204a6e2f6265485001accb8
This commit is contained in:
bohwaz 2022-11-22 01:05:11 +00:00
parent 2e5ef6a3e5
commit 57467c06fd
4 changed files with 37 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.htaccess
View file

@ -4,7 +4,11 @@ RedirectMatch 404 \.picodav\.ini
RewriteEngine On RewriteEngine On
RewriteBase / RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} \.picodav\.ini [OR] # Uncomment the following 2 lignes to make things a bit faster for
RewriteCond %{REQUEST_METHOD} !GET # downloading files, AND you don't use PicoDAV users to manage access,
# but a regular .htpasswd file and config for your web server.
#RewriteCond %{REQUEST_FILENAME} !-f [OR]
#RewriteCond %{REQUEST_METHOD} !GET
RewriteRule ^.*$ /index.php [END] RewriteRule ^.*$ /index.php [END]

16
README.md
View file

@ -39,10 +39,6 @@ The only requirement is PHP 7.4, or more recent (8.0 and 8.1 are also supported,
Note that by default, write access is disabled for security purposes. See below to enable write access. Note that by default, write access is disabled for security purposes. See below to enable write access.
### Other web servers than Apache
This is designed to work best with Apache web servers. If you are using another web server, you'll have to adapt the rules described in `.htaccess` to your own server.
### Configuration ### Configuration
PicoDAV accepts a configuration file named `.picodav.ini`. PicoDAV accepts a configuration file named `.picodav.ini`.
@ -132,12 +128,22 @@ Please note: if you do this, **EVERYONE** visiting your PicoDAV URL will be able
### Other notes ### Other notes
If you don't want to use the included users feature, you can also restrict access by using a [`.htpasswd` Apache file](https://www.cyberciti.biz/faq/create-update-user-authentication-files/). #### Using the web-server auth instead PicoDAV auth
If you don't want to use the provided auth (users and passwords) feature, you can also restrict access by using a [`.htpasswd` Apache file](https://www.cyberciti.biz/faq/create-update-user-authentication-files/), or any other mean provided by your web server.
If you do this, you might want to uncomment the two commented `RewriteCond` lines in `.htaccess`, this way all downloads of files will happen directly from the web server, and not going through PHP, making things a bit faster.
#### Security
For security purposes, the WebDAV server will not allow to read or delete UNIX hidden files (with the file name beginning with a dot, eg. `.htaccess` etc.). For security purposes, the WebDAV server will not allow to read or delete UNIX hidden files (with the file name beginning with a dot, eg. `.htaccess` etc.).
Access to PHP files is also disabled for the same reasons. Access to PHP files is also disabled for the same reasons.
### Other web servers than Apache
This is designed to work best with Apache web servers. If you are using another web server, you'll have to adapt the rules described in `.htaccess` to your own server.
## Dependencies ## Dependencies
This software includes the KD2\WebDAV class from the [KD2FW package](https://fossil.kd2.org/kd2fw/). This software includes the KD2\WebDAV class from the [KD2FW package](https://fossil.kd2.org/kd2fw/).

24
index.php
View file

@ -1778,7 +1778,7 @@ namespace PicoDAV
$out = parent::html_directory($uri, $list); $out = parent::html_directory($uri, $list);
if (null !== $out) { if (null !== $out) {
$out = str_replace('<body>', sprintf('<body style="opacity: 0"><script type="text/javascript" src="%s/webdav.js"></script>', rtrim($this->base_uri, '/')), $out); $out = str_replace('<body>', sprintf('<body style="opacity: 0"><script type="text/javascript" src="%s/.webdav/webdav.js"></script>', rtrim($this->base_uri, '/')), $out);
} }
return $out; return $out;
@ -1821,17 +1821,21 @@ RedirectMatch 404 \\.picodav\\.ini
RewriteEngine On RewriteEngine On
RewriteBase / RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} \\.picodav\\.ini [OR] # Uncomment the following 2 lignes to make things a bit faster for
RewriteCond %{REQUEST_METHOD} !GET # downloading files, AND you don\'t use PicoDAV users to manage access,
# but a regular .htpasswd file and config for your web server.
#RewriteCond %{REQUEST_FILENAME} !-f [OR]
#RewriteCond %{REQUEST_METHOD} !GET
RewriteRule ^.*$ /index.php [END] RewriteRule ^.*$ /index.php [END]
'); ');
} }
if ($relative_uri == 'webdav.js' || $relative_uri == 'webdav.css') { if ($relative_uri == '.webdav/webdav.js' || $relative_uri == '.webdav/webdav.css') {
http_response_code(200); http_response_code(200);
if ($relative_uri == 'webdav.js') { if ($relative_uri == '.webdav/webdav.js') {
header('Content-Type: text/javascript', true); header('Content-Type: text/javascript', true);
} }
else { else {
@ -1846,12 +1850,12 @@ RewriteRule ^.*$ /index.php [END]
$fp = fopen(__FILE__, 'r'); $fp = fopen(__FILE__, 'r');
if ($relative_uri == 'webdav.js') { if ($relative_uri == '.webdav/webdav.js') {
fseek($fp, 49574, SEEK_SET); fseek($fp, 49805, SEEK_SET);
echo fread($fp, 25889); echo fread($fp, 25889);
} }
else { else {
fseek($fp, 49574 + 25889, SEEK_SET); fseek($fp, 49805 + 25889, SEEK_SET);
echo fread($fp, 6760); echo fread($fp, 6760);
} }
@ -1861,7 +1865,7 @@ RewriteRule ^.*$ /index.php [END]
} }
const CONFIG_FILE = __DIR__ . '/.picodav.ini'; const CONFIG_FILE = __DIR__ . '/.picodav.ini';
const INTERNAL_FILES = ['.picodav.ini', 'index.php', 'webdav.js', 'webdav.css']; define('PicoDAV\INTERNAL_FILES', ['.picodav.ini', basename(__FILE__), '.webdav/webdav.js', '.webdav/webdav.css']);
const DEFAULT_CONFIG = [ const DEFAULT_CONFIG = [
'ANONYMOUS_READ' => true, 'ANONYMOUS_READ' => true,

10
server.php
View file

@ -502,7 +502,7 @@ namespace PicoDAV
$out = parent::html_directory($uri, $list); $out = parent::html_directory($uri, $list);
if (null !== $out) { if (null !== $out) {
$out = str_replace('<body>', sprintf('<body style="opacity: 0"><script type="text/javascript" src="%s/webdav.js"></script>', rtrim($this->base_uri, '/')), $out); $out = str_replace('<body>', sprintf('<body style="opacity: 0"><script type="text/javascript" src="%s/.webdav/webdav.js"></script>', rtrim($this->base_uri, '/')), $out);
} }
return $out; return $out;
@ -542,10 +542,10 @@ namespace {
file_put_contents(__DIR__ . '/.htaccess', /*__HTACCESS__*/); file_put_contents(__DIR__ . '/.htaccess', /*__HTACCESS__*/);
} }
if ($relative_uri == 'webdav.js' || $relative_uri == 'webdav.css') { if ($relative_uri == '.webdav/webdav.js' || $relative_uri == '.webdav/webdav.css') {
http_response_code(200); http_response_code(200);
if ($relative_uri == 'webdav.js') { if ($relative_uri == '.webdav/webdav.js') {
header('Content-Type: text/javascript', true); header('Content-Type: text/javascript', true);
} }
else { else {
@ -560,7 +560,7 @@ namespace {
$fp = fopen(__FILE__, 'r'); $fp = fopen(__FILE__, 'r');
if ($relative_uri == 'webdav.js') { if ($relative_uri == '.webdav/webdav.js') {
fseek($fp, __PHP_SIZE__, SEEK_SET); fseek($fp, __PHP_SIZE__, SEEK_SET);
echo fread($fp, __JS_SIZE__); echo fread($fp, __JS_SIZE__);
} }
@ -575,7 +575,7 @@ namespace {
} }
const CONFIG_FILE = __DIR__ . '/.picodav.ini'; const CONFIG_FILE = __DIR__ . '/.picodav.ini';
const INTERNAL_FILES = ['.picodav.ini', 'index.php', 'webdav.js', 'webdav.css']; define('PicoDAV\INTERNAL_FILES', ['.picodav.ini', basename(__FILE__), '.webdav/webdav.js', '.webdav/webdav.css']);
const DEFAULT_CONFIG = [ const DEFAULT_CONFIG = [
'ANONYMOUS_READ' => true, 'ANONYMOUS_READ' => true,